Researchers have identified security vulnerabilities in the Wi-Fi WPA2 protocol which may make all Wi-Fi enabled devices, such as mobiles, computers and internet routers, vulnerable to malicious actors stealing sensitive information such as credit card numbers, passwords and emails.
Malicious actors within range of an affected Wi-Fi device may be able to exploit this vulnerability. At this stage there are no reports of this vulnerability being exploited in Australia.
Internet banking and properly configured Virtual Private Networks (VPNs) remain secure due to an additional layer of encryption, which remains sound.
- Install updates to affected products as soon as they become available. Check with your device vendor on the update status.
- Add an additional layer of encryption to your communication such as a Virtual Private Network (VPN) and ensure you visit secure HTTPS enabled websites.
- Avoid using public Wi-Fi networks for sensitive transactions and familiarise yourself with Stay Smart Online advice.
- Regularly back up sensitive information to a removable device, cloud service, or both.
Good cyber security practices:
- The ACSC recommends all organisations take steps to protect themselves online – the Australian Signals Directorate's Strategies to Mitigate Cyber Security Incidents, including the Essential Eight strategies all businesses should implement as their minimum cyber security baseline.
- Home internet users and small businesses are encouraged to subscribe to Stay Smart Online alerts.